working on token endpoint

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>

de.srsoftware.logging/src/main/java/de/srsoftware/logging/ColorLogger.java

@@ -1,15 +1,14 @@
 /* © SRSoftware 2024 */
 package de.srsoftware.logging;
 
+import static de.srsoftware.logging.ConsoleColors.*;
+import static java.lang.System.Logger.Level.*;
+
 import java.text.MessageFormat;
 import java.text.SimpleDateFormat;
 import java.util.Date;
-import java.util.Map;
 import java.util.ResourceBundle;
 
-import static de.srsoftware.logging.ConsoleColors.*;
-import static java.lang.System.Logger.Level.*;
-
 public class ColorLogger implements System.Logger {
 	private final String name;
 	private static int   rootLevel = INFO.getSeverity();

de.srsoftware.logging/src/main/java/de/srsoftware/logging/ConsoleColors.java

@@ -1,3 +1,4 @@
+/* © SRSoftware 2024 */
 package de.srsoftware.logging;
 
 public class ConsoleColors {

de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Constants.java

@@ -6,9 +6,11 @@ public class Constants {
 	public static final String CLIENT_ID     = "client_id";
 	public static final String CODE	         = "code";
 	public static final String CONFIRMED     = "confirmed";
+	public static final String GRANT_TYPE    = "grant_type";
 	public static final String NAME	         = "name";
 	public static final String REDIRECT_URI  = "redirect_uri";
 	public static final String REDIRECT_URIS = "redirect_uris";
 	public static final String SECRET        = "secret";
 	public static final String STATE         = "state";
+	public static final String ATUH_CODE     = "authorization_code";
 }

de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/PathHandler.java

@@ -18,11 +18,13 @@ import java.util.stream.Stream;
 import org.json.JSONObject;
 
 public abstract class PathHandler implements HttpHandler {
-	public System.Logger       LOG	        = System.getLogger(getClass().getSimpleName());
 	public static final String  CONTENT_TYPE = "Content-Type";
 	public static final String  DELETE       = "DELETE";
+	private static final String FORWARDED_HOST = "x-forwarded-host";
 	public static final String  GET	         = "GET";
+	public static final String HOST = "host";
 	public static final String  JSON         = "application/json";
+	public static System.Logger LOG	         = System.getLogger(PathHandler.class.getSimpleName());
 	public static final String  POST         = "POST";
 
 	private String[] paths;
@@ -96,7 +98,10 @@ public abstract class PathHandler implements HttpHandler {
 		}
 
 		public static String hostname(HttpExchange ex) {
-			return "http://%s".formatted(ex.getRequestHeaders().getFirst("Host"));
+			var headers = ex.getRequestHeaders();
+			var host = headers.getFirst(FORWARDED_HOST);
+			if (host == null) host = headers.getFirst(HOST);
+			return host == null ? null : "https://"+host;
 		}
 
 		public static JSONObject json(HttpExchange ex) throws IOException {
@@ -118,6 +123,7 @@ public abstract class PathHandler implements HttpHandler {
 		}
 
 		public static boolean sendContent(HttpExchange ex, int status, byte[] bytes) throws IOException {
+			LOG.log(DEBUG, "sending {0} response…", status);
 			ex.sendResponseHeaders(status, bytes.length);
 			ex.getResponseBody().write(bytes);
 			return true;

de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/Backend.java

@@ -12,9 +12,11 @@ import com.sun.net.httpserver.HttpExchange;
 import de.srsoftware.cookies.SessionToken;
 import de.srsoftware.oidc.api.*;
 import java.io.IOException;
+import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Optional;
+import java.util.stream.Collectors;
 import org.json.JSONObject;
 
 public class Backend extends PathHandler {
@@ -186,11 +188,18 @@ public class Backend extends PathHandler {
 	}
 
 	private boolean provideToken(HttpExchange ex) throws IOException {
-		LOG.log(ERROR,"{0}.provideToken(ex) not implemented!\n", getClass().getSimpleName());
+		var map = deserialize(body(ex));
-		LOG.log(WARNING,json(ex));
+		LOG.log(WARNING, "map: {0}", map);
+		LOG.log(ERROR, "{0}.provideToken(ex) not implemented!", getClass().getSimpleName());
+		var grantType = map.get(GRANT_TYPE);
+		if (!ATUH_CODE.equals(grantType)) sendContent(ex, HTTP_BAD_REQUEST, Map.of(ERROR, "unknown grant type", GRANT_TYPE, grantType));
 		return sendEmptyResponse(HTTP_NOT_FOUND, ex);
 	}
 
+	private Map<String, String> deserialize(String body) {
+		return Arrays.stream(body.split("&")).map(s -> s.split("=")).collect(Collectors.toMap(arr -> arr[0], arr -> arr[1]));
+	}
+
 	private boolean openidConfig(HttpExchange ex) throws IOException {
 		var host = hostname(ex);
 		return sendContent(ex, Map.of("token_endpoint", host + "/api/token", "authorization_endpoint", host + "/web/authorization.html", "userinfo_endpoint", host + "/api/userinfo", "jwks_uri", host + "/api/jwks"));

de.srsoftware.oidc.web/src/main/java/de/srsoftware/oidc/web/Forward.java

@@ -1,12 +1,12 @@
 /* © SRSoftware 2024 */
 package de.srsoftware.oidc.web;
 
+import static java.lang.System.Logger.Level.INFO;
+
 import com.sun.net.httpserver.HttpExchange;
 import de.srsoftware.oidc.api.PathHandler;
 import java.io.IOException;
 
-import static java.lang.System.Logger.Level.INFO;
-
 public class Forward extends PathHandler {
 	private final int    CODE = 302;
 	private final String toPath;

de.srsoftware.oidc.web/src/main/resources/en/clients.html

@@ -12,6 +12,8 @@
         <a id="clients" href="clients.html">Clients</a>
     </nav>
     <h1>Clients</h1>
+    <a href="https://umbrella.srsoftware.de/user/login">Umbrella</a>
+
     <fieldset>
         <legend>These are clients that are registered with LightOIDC:</legend>
         <table>

de.srsoftware.oidc.web/src/main/resources/en/login.html

@@ -29,6 +29,5 @@
                 </tr>
             </table>
         </fieldset>
-        <a href="https://umbrella.srsoftware.de/user/login">Umbrella</a>
     </body>
 </html>